npm - chapa-cli - Versions diffs - 0.2.2 → 0.2.5 - Mend

chapa-cli 0.2.2 → 0.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +75 -5
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -16,6 +16,8 @@ function parseArgs(argv) {
       "emu-token": { type: "string" },
       token: { type: "string" },
       server: { type: "string", default: DEFAULT_SERVER },
+      verbose: { type: "boolean", default: false },
+      insecure: { type: "boolean", default: false },
       version: { type: "boolean", short: "v", default: false },
       help: { type: "boolean", short: "h", default: false }
     },
@@ -28,6 +30,8 @@ function parseArgs(argv) {
     emuToken: values["emu-token"],
     token: values.token,
     server: values.server ?? DEFAULT_SERVER,
+    verbose: values.verbose ?? false,
+    insecure: values.insecure ?? false,
     version: values.version ?? false,
     help: values.help ?? false
   };
@@ -319,7 +323,52 @@ var MAX_POLL_ATTEMPTS = 150;
 function sleep(ms) {
   return new Promise((resolve) => setTimeout(resolve, ms));
 }
-async function login(serverUrl) {
+function restoreTls(insecure, original) {
+  if (!insecure) return;
+  if (original === void 0) {
+    delete process.env.NODE_TLS_REJECT_UNAUTHORIZED;
+  } else {
+    process.env.NODE_TLS_REJECT_UNAUTHORIZED = original;
+  }
+}
+var TLS_ERROR_PATTERNS = [
+  "UNABLE_TO_VERIFY_LEAF_SIGNATURE",
+  "CERT_HAS_EXPIRED",
+  "DEPTH_ZERO_SELF_SIGNED_CERT",
+  "SELF_SIGNED_CERT_IN_CHAIN",
+  "ERR_TLS_CERT_ALTNAME_INVALID",
+  "CERTIFICATE_VERIFY_FAILED",
+  "SSL"
+];
+function isTlsError(message) {
+  return TLS_ERROR_PATTERNS.some((p) => message.includes(p));
+}
+function getRootErrorMessage(err) {
+  let current = err;
+  let message = "";
+  while (current instanceof Error) {
+    message = current.message;
+    current = current.cause;
+  }
+  return message;
+}
+function getFullErrorChain(err) {
+  const messages = [];
+  let current = err;
+  while (current instanceof Error) {
+    messages.push(current.message);
+    current = current.cause;
+  }
+  return messages.join(" | ");
+}
+async function login(serverUrl, opts = {}) {
+  const { verbose = false, insecure = false } = opts;
+  const originalTlsSetting = process.env.NODE_TLS_REJECT_UNAUTHORIZED;
+  if (insecure) {
+    process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
+    console.warn("\n\u26A0 TLS certificate verification disabled (--insecure).");
+    console.warn("  Use only on corporate networks with TLS interception.\n");
+  }
   const baseUrl = serverUrl.replace(/\/+$/, "");
   const sessionId = randomUUID();
   const authorizeUrl = `${baseUrl}/cli/authorize?session=${sessionId}`;
@@ -342,7 +391,9 @@ async function login(serverUrl) {
         `${baseUrl}/api/cli/auth/poll?session=${sessionId}`
       );
       if (!res.ok) {
-        if (!serverErrorLogged) {
+        if (verbose) {
+          console.error(`[poll ${i + 1}] HTTP ${res.status}`);
+        } else if (!serverErrorLogged) {
           console.error(`
 Server returned ${res.status}. Retrying...`);
           serverErrorLogged = true;
@@ -350,7 +401,21 @@ Server returned ${res.status}. Retrying...`);
         continue;
       }
       data = await res.json();
-    } catch {
+      if (verbose) {
+        console.error(`[poll ${i + 1}] ${data?.status ?? "no status"}`);
+      }
+    } catch (err) {
+      const rootMsg = getRootErrorMessage(err);
+      const fullChain = getFullErrorChain(err);
+      if (verbose) {
+        console.error(`[poll ${i + 1}] network error: ${rootMsg}`);
+      }
+      if (!insecure && isTlsError(fullChain)) {
+        console.error(`
+TLS certificate error: ${rootMsg}`);
+        console.error("This looks like a corporate network with TLS interception.");
+        console.error("  try: chapa login --insecure\n");
+      }
       continue;
     }
     if (data?.status === "approved" && data.token && data.handle) {
@@ -362,19 +427,22 @@ Server returned ${res.status}. Retrying...`);
       console.log(`
 Logged in as ${data.handle}!`);
       console.log("Credentials saved to ~/.chapa/credentials.json");
+      restoreTls(insecure, originalTlsSetting);
       return;
     }
     if (data?.status === "expired") {
+      restoreTls(insecure, originalTlsSetting);
       console.error("\nSession expired. Please try again.");
       process.exit(1);
     }
   }
+  restoreTls(insecure, originalTlsSetting);
   console.error("\nTimed out waiting for approval. Please try again.");
   process.exit(1);
 }
 // src/index.ts
-var VERSION = true ? "0.2.2" : "0.0.0-dev";
+var VERSION = true ? "0.2.5" : "0.0.0-dev";
 var HELP_TEXT = `chapa-cli v${VERSION}
 Merge GitHub EMU (Enterprise Managed User) contributions into your Chapa badge.
@@ -390,6 +458,8 @@ Options:
   --handle <handle>       Override personal handle (auto-detected from login)
   --token <token>         Override auth token (auto-detected from login)
   --server <url>          Chapa server URL (default: https://chapa.thecreativetoken.com)
+  --verbose               Show detailed polling logs during login
+  --insecure              Skip TLS certificate verification (corporate networks)
   --version, -v           Show version number
   --help, -h              Show this help message
 `;
@@ -404,7 +474,7 @@ async function main() {
     process.exit(0);
   }
   if (args.command === "login") {
-    await login(args.server);
+    await login(args.server, { verbose: args.verbose, insecure: args.insecure });
     return;
   }
   if (args.command === "logout") {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "chapa-cli",
-  "version": "0.2.2",
+  "version": "0.2.5",
   "description": "Merge GitHub EMU contributions into your Chapa developer impact badge",
   "type": "module",
   "bin": {